1. Field of the Invention
The present invention generally relates to the management of terminal apparatuses of a communication network. More particular, the present invention relates to an identification information creating method for identifying the terminal apparatuses, a communication network system, an information processing apparatus and a computer program product therefor; moreover, to a recording device monitoring method for monitoring attaching or detaching of a recording device to or from the terminal apparatuses, an information processing apparatus and a computer program product therefor; and further, to a terminal apparatus management method for managing terminal apparatuses, a communication network system and a computer program product therefor.
2. Description of Related Art
In many communication network systems, a multiplicity of terminal apparatuses are connected to a central apparatus such as a file server or a database server, and necessary data can be downloaded by accessing, for example, the file server from the terminal apparatuses. Many communication network systems prevent accesses from unauthorized users by performing authentication using passwords and the like. However, in recent years, in order to prevent information leakage, it has been performed to restrict the accessible data on an apparatus-by-apparatus basis. For example, access restriction suitable for each terminal apparatus can be placed by identifying each terminal apparatus with use of the IP address assigned to each terminal apparatus or by identifying each terminal apparatus with use of the MAC address assigned to the LAN board of each terminal apparatus (see, for example, Japanese Patent Application Laid-Open No. 2000-187646).
However, since the setting of IP addresses can be easily changed by software, it is impossible to uniquely identify terminal apparatuses by IP addresses. Moreover, since LAN boards can be easily changed, it is also impossible to uniquely identify terminal apparatuses by LAN boards. Particularly, in the case of notebook-sized personal computers, extended cards (LAN cards) such as IC cards are frequently changed. For these reasons, it is possible to spoof as an authorized terminal apparatus by changing the setting of the IP address or changing the LAN card.
Moreover, in recent years, the range of use of stamp-sized recording media of approximately 10 to 100 M bytes using flash memories has been increasing. For example, a recording medium as mentioned above is inserted into a predetermined slot of a booted computer, the computer automatically recognizes the recording medium, and the recording medium can be used like a hard disk. Such easily attached and detached recording media increase the fear of information leakage.
As a method for managing a change (attaching or detaching) of a recording device such as the above-mentioned recording medium in terminal apparatuses, a method is considered such that a management server is provided in the communication network system and the management server inquires of each terminal apparatus the presence or absence of a change of a recording device. However, when the management server makes an inquiry to each terminal apparatus, the traffic of the network increases. Moreover, when the number of terminal apparatuses is large, the period of inquiry to each terminal apparatus increases, so that it is difficult to instantly detect a change of a recording device of each terminal apparatus. Further, it is necessary to preregister the terminal apparatuses to be managed in the management server.